Questions tagged [syslog-ng]
Questions specific to the syslog-ng logging solution (https://syslog-ng.org/). Use this tag if your question relates to configuring or using syslog-ng, or if you'd like to know if you can solve a particular logging problem with syslog-ng.
80 questions
0
votes
0
answers
25
views
syslog-ng client is saving a message twice
I have an application sending messages using syslog perl module. syslog-ng client is capturing it by a custom filter that uses program name and writes it to a new file. I can see the log lines added ...
- 1
1
vote
1
answer
91
views
SELinux causing issue with syslog-ng
I have a little experience with RHEL 6 from around 2016-2018 timeframe, but not much. When I took a new job in January 2025, I inherited a couple RHEL 8 systems. Those systems are not connected to a ...
- 111
0
votes
1
answer
118
views
recommended frequency for syslog-ng's "stats" logging
Yesterday I upgraded a VM (with very limited disk space) from Debian/bookworm to the shiny new Debian/trixie.
One of the changes introduced was setting the frequency of status printout in syslog-ng to ...
- 6,734
0
votes
0
answers
58
views
cisco parser dropping logs
new to syslog-ng but been working on this issue for a few days and have nowhere to go. logs aren't really pointing me anywhere anymore that I can tell. I'm running syslog-ng as a container in an ...
0
votes
1
answer
820
views
How do I change the date/time format in syslog-ng from `mmm [d]d hh:mm:ss` to `yyyy-mm-dd hh:mm:ss`?
I noticed that the default datetime format for logs in /var/log/messages is mmm [d]d hh:mm:ss, for example:
Jan 4 03:46:50 1.2.3.4 ntpclient[6952]: Failed resolving address to hostname pool.ntp.org: ...
- 159
0
votes
2
answers
617
views
How do I check which conf file was loaded by syslog-ng when starting?
I am running syslog-ng on debian.
How do I check which conf file was loaded upon startup?
Neither
systemctl status syslog-ng
nor
systemctl show syslog-ng
tell me.
- 159
0
votes
0
answers
1k
views
Is rsyslog compatible with syslog-ng?
I am doing a project where the organisation uses syslog-ng for the central remote logging servers and this will surely not change.
The application suite that I am developing on, is using Red Hat ...
0
votes
1
answer
1k
views
Issue with uniqueness of the persist names in syslog-ng
I am new to syslog-ng and was trying to fix the issue of an error which arises due to uniqueness of the persist names in syslog-ng,
I see the below error in my syslog
err Error checking the ...
- 103
1
vote
1
answer
2k
views
Buildroot: syslog-ng logs into the "/var/log/messages.1" file instead of "/var/log/messages"
I am building an embedded Linux board with Buildroot (user manual here).
I have syslog-ng running on the board. It's config file is specified in buildroot here: https://github.com/buildroot/buildroot/...
- 3,022
0
votes
1
answer
3k
views
syslog-ng not writing to file
I am new to syslog-ng, and want to test writing to a syslog from an external device. The external device shows that it is "connected" to my syslog on port 516. However, on my CentOS7 host ...
- 1,993
1
vote
1
answer
516
views
syslog-ng does not include severity in its lines
I'm trying to configure syslog-ng in an embedded distro.
I added the syslog-ng package.
I was expecting the /var/log/ files to include their log severity / log level, but it isn't to.
Any way to ...
- 433
0
votes
1
answer
364
views
Howto log multiple sftpd server's activity which user's chrooted home is on shared NFS?
I have an Ubuntu server with sftpd running where /var/data/chroot/ is an NFS mount from a remote central NFS server, and each sftpd user's chroot home is /var/data/chroot/<username>/ and every ...
user319783
0
votes
0
answers
2k
views
Switched from rsyslog to syslog-ng, but its not starting up
I wanted to switch logging from rsyslog to syslog-ng, but after configuration and startup, it faield to start up.
This is the log file I am getting, but I cant find any clues there what is wrong:
rrr-...
- 151
2
votes
1
answer
1k
views
Any way to keep Stunnel from blowing up my logfiles?
I have stunnel v5.44 (Ubuntu 18.04 v3:5.44-1ubuntu3) configured on a client to connect to a server in a screened subnet. The remote host has syslog configured to listen for logfiles over the stunnel ...
- 577
0
votes
0
answers
404
views
internal logrotate mechanism in syslog-ng
Does the syslog-ng has its own rotating mechanism?
I am new to auditing and linux and I though I could use logrotate but I noticed that I need to restart the syslog-ng daemon every time when I use it ...
